Category Archives: Technical Meetup

The next technical meetup is another of our collaboration with the students from NUS GreyHats.
We try to be an open, inclusive and responsible volunteer driven community.

We are also committed to the spread of hacker culture & free/open-source software by continuously writing technical articles.
We hope that all these technical meetups not only helps to spread information security awareness but also allow us to learn from other members of the community as well.

We are also glad that NSHC had not only one of their employee, HyungWoo Kim, presenting for this event but also their CEO, Louis Hur. Grateful to the students from NUSGreyHats are helping me setting this up.

All the technical meetups are free for anyone to attend.
Thanks a lot to everyone involved. 😀

In case you are lost in NUS, here is floorplan provided by NUS GreyHats.

PRESENTATIONS:
The state of Scada System Security – Louis Hur
Hack The World : Scada Hacking – HyunWoo Kim

Level:
Beginner-Intermediate

Nowadays, many attack methodologies against SCADA systems are published on conferences or papers. However, it is a little hard to apply them on real world. So, we will discuss attack scenario and methodology to SCADA systems, focusing on Korea’s SCADA systems. but i think other country also very similar. Of course, there will be an attack demo in a simulated network.

Bio:
Mr Louis Hur is CEO & Founder of NSHC Inc. Mr. Louis brings more than 15 years of field-proven experience security businesses that help clients reduce their enterprise-wide IT security risk. Prior to starting NSHC, Mr. Louis served as the Pen-Tester and General Manager of TSONNET Global Professional Services organization. He specialised in pen-testing, Bug Hunting, Malware Analysis & Cyber-espionage investigation.
He is also the Team leader for Korea Cyber Terror Response Team. He has presented at Black Hat, HITCON, ISEC, CSS, etc.

Bio:
HyunWoo Kim is a Security Researcher at NSHC.
In this role, HyunWoo analyzes and performs root-cause analysis of vulnerabilities.
His primary focus includes performing root-cause analysis and exploit development.
In 2015, he is one of the top 10 finalist from KITRI ‘Best of the Best’ 3rd edition.
He has spoken at numerous security related events, including CODEGATE 2015, SECUINSIDE 2015, CIISCON 2014, and POC 2014

To be honest, i really don’t know how to call this up-coming event since i don’t organise any sort of technical meetup except for CTF or drinking.

VXSecurity is run by a group of friends in SG committed to the spread of hacker culture & free/open-source software by continuously writing technical articles. We try to provide a platform for like-minded people in SG who are currently building or breaking things (be it for charity, business or pleasure).

We usually hold workshops and give presentations in local Universities. So this technical meetup is kind of a new experience for us.

We firmly believe that breaking & building is a good way forward for any type of good innovation. As an extension to that, we think that tinkering is good for everyone to try and learn new things. I am also glad that NSHC had let us use their meeting room for this event and the students from NUSGreyHats are helping me setting this up.
Thanks a lot. 😀

Level:
Beginner (presentation of concepts described in the paper with the same title by Christoph Kern [1])

If you’ve developed software, you’ve probably been told at least once that security should be built into your application. But what does it mean? It’s clear that modern web application frameworks are too busy trying to make security “easy”, some with the goal of never exposing developers to it at all. In this talk I’ll present an example of building security into your application and why I think it’s not a good idea to hide security critical pieces of your application.

[1] http://research.google.com/pubs/pub42934.html

Bio:
Meder has been working in the area of application security for nearly a decade. He’s poked at, broken, and helped fix a lot of code businesses and parts of the Internet depends on (Struts2, JBoss Seam, Google Web Toolkit, and Ruby on Rails, to name a few). Some of the things that excite him include: karaoke, server-side security, kumys and making software security easier.